puppet-neutron/manifests/agents/n1kv_vem.pp
Takashi Kajinami f065e99adf Use relative name for class inclusion
This patch replces the remaining usage of absolute name in 'require',
and makes all class inclusion depend on relative name.

Change-Id: Ic4698d309e899303c7e2566187fb21a442fb930d
2020-07-09 15:57:16 +09:00

254 lines
8.0 KiB
Puppet

# == Class: n1kv_vem
#
# Deploy N1KV VEM on compute and network nodes.
# Support exists and tested for RedHat.
# (For Ubuntu/Debian platforms few changes and testing pending.)
#
# === Parameters
# [*n1kv_vsm_ip*]
# (required) N1KV VSM(Virtual Supervisor Module) VM's IP.
# Defaults to 127.0.0.1
#
# [*n1kv_vsm_ipv6*]
# (required) N1KV VSM(Virtual Supervisor Module) VM's IP.
# Defaults to ::1
#
# [*n1kv_vsm_domain_id*]
# (required) N1KV VSM DomainID.
# Defaults to 1000
#
# [*host_mgmt_intf*]
# (required) Management Interface of node where VEM will be installed.
# Defaults to eth1
#
# [*uplink_profile*]
# (optional) Uplink Interfaces that will be managed by VEM. The uplink
# port-profile that configures these interfaces should also be specified.
# (format)
# $uplink_profile = { 'eth1' => 'profile1',
# 'eth2' => 'profile2'
# },
# Defaults to empty
#
# [*vtep_config*]
# (optional) Virtual tunnel interface configuration.
# Eg:VxLAN tunnel end-points.
# (format)
# $vtep_config = { 'vtep1' => { 'profile' => 'virtprof1',
# 'ipmode' => 'dhcp'
# },
# 'vtep2' => { 'profile' => 'virtprof2',
# 'ipmode' => 'static',
# 'ipaddress' => '192.168.1.1',
# 'netmask' => '255.255.255.0'
# }
# },
# Defaults to empty
#
# [*node_type*]
# (optional). Specify the type of node: 'compute' (or) 'network'.
# Defaults to 'compute'
#
# All the above parameter values will be used in the config file: n1kv.conf
#
# [*vteps_in_same_subnet*]
# (optional)
# The VXLAN tunnel interfaces created on VEM can belong to same IP-subnet.
# In such case, set this parameter to true. This results in below
# 'sysctl:ipv4' values to be modified.
# rp_filter (reverse path filtering) set to 2(Loose).Default is 1(Strict)
# arp_ignore (arp reply mode) set to 1:reply only if target ip matches
# that of incoming interface. Default is 0
# arp_announce (arp announce mode) set to 1. Default is 0
# Please refer Linux Documentation for detailed description
# http://lxr.free-electrons.com/source/Documentation/networking/ip-sysctl.txt
#
# If the tunnel interfaces are not in same subnet set this parameter to false.
# Note that setting to false causes no change in the sysctl settings and does
# not revert the changes made if it was originally set to true on a previous
# catalog run.
#
# Defaults to false
#
# [*n1kv_source*]
# (optional)
# n1kv_source ==> VEM package location. One of below
# A)URL of yum repository that hosts VEM package.
# B)VEM RPM/DPKG file name, If present locally in 'files' folder
# C)If not specified, assumes that VEM image is available in
# default enabled repositories.
# Defaults to empty
#
# [*n1kv_version*]
# (optional). Specify VEM package version to be installed.
# Not applicable if 'n1kv_source' is a file. (Option-B above)
# Defaults to 'present'
#
# [*package_ensure*]
# (optional) Ensure state for dependent packages: Openvswitch/libnl.
# Defaults to 'present'.
#
# [*enable*]
# (optional) Enable state for service. Defaults to 'true'.
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*portdb*]
# (optional) PortDB (ovs|vem)
# Defaults to ovs
#
# [*fastpath_flood*]
# (optional) Handle broadcast floods and unknown pkts in fastpath(KLM)
# Defaults to enable
#
class neutron::agents::n1kv_vem (
$n1kv_vsm_ip = '127.0.0.1',
$n1kv_vsm_ipv6 = '::1',
$n1kv_vsm_domain_id = 1000,
$host_mgmt_intf = 'eth1',
$uplink_profile = {},
$vtep_config = {},
$node_type = 'compute',
$vteps_in_same_subnet = false,
$n1kv_source = '',
$n1kv_version = 'present',
$package_ensure = 'present',
$enable = true,
$manage_service = true,
$portdb = 'ovs',
$fastpath_flood = 'enable'
) {
include neutron::deps
include neutron::params
require vswitch::ovs
Exec { path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ] }
if($::osfamily != 'Redhat') {
#current support exists for Redhat family.
#Support for Debian will be added soon.
fail("Unsupported osfamily ${::osfamily}")
}
#Check source of n1kv-vem image:yum-repo (or) local file in 'files' directory
if $n1kv_source != '' {
if ($n1kv_source =~ /^http/) or ($n1kv_source =~ /^ftp/) {
$vemimage_uri = 'repo'
} else {
$vemimage_uri = 'file'
$vemtgtimg = "/var/n1kv/${n1kv_source}"
}
} else {
$vemimage_uri = 'unspec'
}
package { 'libnl':
ensure => $package_ensure,
name => $::neutron::params::libnl_package,
tag => ['neutron-support-package'],
}
file {
'/etc/n1kv':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755';
'/var/n1kv':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
#specify template corresponding to 'n1kv.conf'
file {'/etc/n1kv/n1kv.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0664',
content => template('neutron/n1kv.conf.erb'),
require => File['/etc/n1kv'],
}
if $vemimage_uri == 'file' {
#specify location on target-host where image file will be downloaded to.
#Later vem package: 'nexus1000v' will be installed from this file.
file { $vemtgtimg:
owner => 'root',
group => 'root',
mode => '0664',
source => "puppet:///modules/neutron/${n1kv_source}",
require => File['/var/n1kv'],
}
package {'nexus1000v':
ensure => $n1kv_version,
provider => $::neutron::params::package_provider,
source => $vemtgtimg,
tag => ['neutron-support-package', 'openstack'],
require => File[$vemtgtimg]
}
} else {
if $vemimage_uri == 'repo' {
#vem package: 'nexus1000v' will be downloaded and installed
#from below repo.
yumrepo { 'cisco-vem-repo':
baseurl => $n1kv_source,
descr => 'Repo for VEM Image',
enabled => 1,
gpgcheck => 1,
gpgkey => "${n1kv_source}/RPM-GPG-KEY"
#proxy => '_none_',
}
warning('cisco-vem-repo repository management is deprecated, it will be dropped in a future release.')
}
package {'nexus1000v':
ensure => $package_ensure,
tag => ['neutron-support-package', 'openstack'],
}
}
warning('nexus1000v package management is deprecated, it will be dropped in a future release.')
if $manage_service {
if $enable {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'nexus1000v':
ensure => $service_ensure,
}
warning('nexus1000v service management is deprecated, it will be dropped in a future release.')
#Upon config change in 'n1kv.conf' execute below 'vemcmd reread config'.
#No need to restart service.
exec { 'vemcmd reread config':
subscribe => File['/etc/n1kv/n1kv.conf'],
refreshonly => true,
require => Service['nexus1000v']
}
if $vteps_in_same_subnet == true {
$my_sysctl_settings = {
'net.ipv4.conf.default.rp_filter' => { value => 2 },
'net.ipv4.conf.all.rp_filter' => { value => 2 },
'net.ipv4.conf.default.arp_ignore' => { value => 1 },
'net.ipv4.conf.all.arp_ignore' => { value => 1 },
'net.ipv4.conf.all.arp_announce' => { value => 2 },
'net.ipv4.conf.default.arp_announce' => { value => 2 },
}
create_resources(sysctl::value,$my_sysctl_settings)
}
Package['libnl'] -> Package['nexus1000v']
Service['openvswitch'] ~> Package['nexus1000v']
File['/etc/n1kv/n1kv.conf'] -> Package['nexus1000v']
Package['nexus1000v'] ~> Service['nexus1000v']
}